Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/Db8JmQFrHbrslQy_0_sI8qPfsLc.roa
File: Db8JmQFrHbrslQy_0_sI8qPfsLc.roa (raw, json)
Hash identifier: h9edWzGv+GirDt6SdrQhWfZqKoYQaPxuFx4R8MWBJlc=
Subject key identifier: 0D:BF:09:99:01:6B:1D:BA:EC:95:0C:BF:D3:FB:08:F2:A3:DF:B0:B7
Certificate issuer: /CN=2f54875dbe30be4f7fc44a0468b51b178edf64e6
Certificate serial: 019427B539E21C17ADC3C39B6F221D2D4330
Authority key identifier: 2F:54:87:5D:BE:30:BE:4F:7F:C4:4A:04:68:B5:1B:17:8E:DF:64:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1SHXb4wvk9_xEoEaLUbF47fZOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/Db8JmQFrHbrslQy_0_sI8qPfsLc.roa
Signing time: Thu 02 Jan 2025 15:49:35 +0000
ROA not before: Thu 02 Jan 2025 15:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210104
IP address blocks: 85.115.212.0/22 maxlen: 22
93.177.88.0/22 maxlen: 22
185.215.74.0/24 maxlen: 24
185.215.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:39:e2:1c:17:ad:c3:c3:9b:6f:22:1d:2d:43:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f54875dbe30be4f7fc44a0468b51b178edf64e6
Validity
Not Before: Jan 2 15:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dbf0999016b1dbaec950cbfd3fb08f2a3dfb0b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6b:83:8e:06:f5:64:65:72:63:84:d8:dc:57:
fe:15:0d:a1:bc:5e:93:de:1e:64:19:4b:41:d3:c2:
de:be:36:91:fd:dd:e4:39:95:38:b6:b3:23:82:e2:
b7:a7:70:20:5c:2e:18:c1:2e:83:29:19:94:ef:09:
2a:55:51:18:5d:74:f6:b8:27:19:54:5a:8f:40:66:
d5:aa:f8:0f:d8:3b:f1:9c:4a:ba:92:9d:b1:73:6b:
35:c2:12:52:44:08:be:63:f0:7b:5e:60:39:72:2b:
9d:6d:08:21:99:cc:ba:13:26:c2:2d:6e:38:05:41:
55:18:83:82:7a:3b:d9:76:9b:45:ba:66:90:94:2b:
97:86:28:f1:54:e8:b0:c6:0c:d2:30:e3:6e:31:00:
8f:d0:82:09:e3:e6:34:27:ff:bc:b3:ca:de:1e:b9:
ee:95:61:ea:b9:01:31:86:1e:a2:27:b0:9a:c3:b6:
15:e8:d0:88:51:eb:5a:c2:9a:b5:91:9f:4c:d8:75:
c6:64:ea:fa:d4:75:dc:55:05:f2:b6:4a:09:76:98:
04:9a:56:6a:65:e0:b0:9b:c4:fc:0c:9a:33:8c:3a:
03:b1:96:e3:1c:86:a1:6f:d3:2f:43:39:f2:48:27:
cd:a4:12:3a:9a:ef:78:a8:b1:af:0b:38:f4:12:1c:
d5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:BF:09:99:01:6B:1D:BA:EC:95:0C:BF:D3:FB:08:F2:A3:DF:B0:B7
X509v3 Authority Key Identifier:
keyid:2F:54:87:5D:BE:30:BE:4F:7F:C4:4A:04:68:B5:1B:17:8E:DF:64:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1SHXb4wvk9_xEoEaLUbF47fZOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/Db8JmQFrHbrslQy_0_sI8qPfsLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/L1SHXb4wvk9_xEoEaLUbF47fZOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.212.0/22
93.177.88.0/22
185.215.74.0/23
Signature Algorithm: sha256WithRSAEncryption
62:67:31:aa:94:0c:48:07:ac:54:bb:80:2f:5a:19:09:24:e3:
d2:99:aa:de:74:f2:28:f0:ec:f5:61:06:e1:08:91:a1:8a:b5:
14:b9:18:f4:12:5e:57:93:03:52:ae:bd:47:d7:91:5f:f9:57:
8d:45:34:8e:b2:5e:7c:14:87:02:d1:ba:53:09:55:b7:52:5c:
84:38:7c:d5:cd:78:e2:7c:60:49:05:8f:2e:d8:b3:7c:73:f3:
7b:6c:0e:c7:56:96:9b:ec:f5:7f:e2:50:01:b4:dd:ec:59:88:
d9:ac:0e:3d:39:62:2c:03:be:ec:df:12:ff:88:c3:60:74:f3:
fb:d8:6f:3a:1a:85:21:45:4c:bc:05:ad:37:60:cc:43:dd:18:
17:66:a3:ae:74:04:01:46:77:9b:dd:4b:04:bd:c3:da:7b:9e:
90:cb:c8:74:09:e0:b3:90:c4:d8:40:0b:27:ce:d3:dc:7a:76:
8f:a5:87:8d:af:15:31:77:a7:bc:44:13:4b:90:10:1e:bd:25:
f8:c3:c4:f3:59:d8:91:f3:56:fc:65:4a:1d:0f:16:22:b1:7f:
58:fc:d1:2f:2f:59:15:1d:1f:a1:95:4e:ec:48:47:45:4e:55:
45:79:3a:e5:31:60:f7:83:9f:b0:ca:d8:bb:9c:b9:b0:8b:50:
65:f3:29:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntTniHBetw8ObbyIdLUMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNTQ4NzVkYmUzMGJlNGY3ZmM0NGEwNDY4YjUxYjE3OGVk
ZjY0ZTYwHhcNMjUwMTAyMTU0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGJmMDk5OTAxNmIxZGJhZWM5NTBjYmZkM2ZiMDhmMmEzZGZiMGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2uDjgb1ZGVyY4TY3Ff+FQ2hvF6T
3h5kGUtB08LevjaR/d3kOZU4trMjguK3p3AgXC4YwS6DKRmU7wkqVVEYXXT2uCcZ
VFqPQGbVqvgP2DvxnEq6kp2xc2s1whJSRAi+Y/B7XmA5ciudbQghmcy6EybCLW44
BUFVGIOCejvZdptFumaQlCuXhijxVOiwxgzSMONuMQCP0IIJ4+Y0J/+8s8reHrnu
lWHquQExhh6iJ7Caw7YV6NCIUetawpq1kZ9M2HXGZOr61HXcVQXytkoJdpgEmlZq
ZeCwm8T8DJozjDoDsZbjHIahb9MvQznySCfNpBI6mu94qLGvCzj0EhzV4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA2/CZkBax267JUMv9P7CPKj37C3MB8GA1UdIwQY
MBaAFC9Uh12+ML5Pf8RKBGi1GxeO32TmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDFTSFhiNHd2azlfeEVvRWFMVWJGNDdmWk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kYTUzYjktZGNhNS00OTVkLTg3NjMt
YmZlYTYxYjc3MGI2LzEvRGI4Sm1RRnJIYnJzbFF5XzBfc0k4cVBmc0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kYTUzYjktZGNhNS00OTVkLTg3NjMtYmZlYTYxYjc3MGI2
LzEvTDFTSFhiNHd2azlfeEVvRWFMVWJGNDdmWk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVXPUAwQC
XbFYAwQBuddKMA0GCSqGSIb3DQEBCwUAA4IBAQBiZzGqlAxIB6xUu4AvWhkJJOPS
maredPIo8Oz1YQbhCJGhirUUuRj0El5XkwNSrr1H15Ff+VeNRTSOsl58FIcC0bpT
CVW3UlyEOHzVzXjifGBJBY8u2LN8c/N7bA7HVpab7PV/4lABtN3sWYjZrA49OWIs
A77s3xL/iMNgdPP72G86GoUhRUy8Ba03YMxD3RgXZqOudAQBRneb3UsEvcPae56Q
y8h0CeCzkMTYQAsnztPcenaPpYeNrxUxd6e8RBNLkBAevSX4w8TzWdiR81b8ZUod
DxYisX9Y/NEvL1kVHR+hlU7sSEdFTlVFeTrlMWD3g5+wyti7nLmwi1Bl8yks
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:16:13 2025 by rpki-client